package com.lpinfo.spca.zuul.config;

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.cors.CorsConfiguration;
import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
import org.springframework.web.filter.CorsFilter;

/**
 * 网关层统一跨域处理
 */
@Configuration
public class LpinfoSpcaZuulCorsConfig {

    /**
     * 开发环境暂时这么处理
     * 禁止全局跨域 禁止全域名跨域 禁止全路径访问
     * @return
     */
    @Bean
    public CorsFilter corsFilter(){
        // 初始化cors配置对象
        CorsConfiguration configuration = new CorsConfiguration();
        // 允许使用cookie，但是使用cookie是addAllowedOrigin必须是具体的地址，不能是*
        configuration.setAllowCredentials(true);
        // 设置允许的远程请求域
        configuration.addAllowedOrigin("*");
        //允许的请求方式,get,put,post,delete
        configuration.addAllowedMethod("*");
        //允许的头信息
        configuration.addAllowedHeader("*");
        //初始化cors的源对象配置
        UrlBasedCorsConfigurationSource urlBasedCorsConfigurationSource = new UrlBasedCorsConfigurationSource();
        urlBasedCorsConfigurationSource.registerCorsConfiguration("/**",configuration);
        //3.返回新的CorsFilter.
        return new CorsFilter(urlBasedCorsConfigurationSource);
    }

}